.: ComRat 1.6 :.
Released 15 years, 4 months ago. Sep 2006By Elusive
- Coded by: Elusive
- Version: ComRat 1.6
- Released date: Sep 2006, 15 years, 4 months ago.
- Coded in: C, source included
- Family: ComRat 1.6
- Category: Remote Access
Server: dropped file: c:\WINDOWS\system32\comr.exe size: 36,600 bytes port: 1234 TCP added to registry: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Connection Initializer" tested on Windows XP November 05, 2006
Functions: 1) Send message box 2) Notepad Bomb 3) Swap Mouse buttons 4) Shut down server 5) Execute commands in system32 6) Crazy Mouse 7) Create remote shell 8) Upload file 9) Uninstall Server The Server ----------------- First of all it hides itself from taskmanager and it installs itself as comr.exe. It then adds itself to the registry in the HKLM "run" key as "Connection Initializer" The only way to locally stop the program is to go through command prompt and type "taskkill /f /im comr.exe" . Coming Editions -------------------------- In my next version I am making it so the client can download files and also so that the server can be install locally through the command -install or remove it locally by the command -uninstall. I will also make it so then you can locally specify what port to listen on for connections or if you want to reverse connect to a specific computer. The ip address would be put in a registry key and would be encrypted for the programs use only.
URL's and mails were automatically redacted (filtered) for reader's safety. However the filter is not perfect and can't find all harmful elements. If you find something dangerous including file link, website, mail address, profanity... contact me immediately at firstname.lastname@example.org, thank you in advance.